Bug 1429670 - Build docker images based on Debian wheezy to use instead of desktop-build. r=gps

At the same time, restrict the installed packages to the script requirements to build Firefox. Toolchains have their own image so we don't need to install packages for them. --HG-- extra : rebase_source : c0e7aa178b1ce2ceb01f9dfe6af37bbb54d4d708
2024-11-29 07:42:04 +00:00 · 2018-01-11 14:56:12 +09:00 · 2018-01-11 14:56:12 +09:00 · 557293d62c
commit 557293d62c
parent aeabb73d84
2 changed files with 149 additions and 0 deletions
--- a/taskcluster/ci/docker-image/kind.yml
+++ b/taskcluster/ci/docker-image/kind.yml
@ -31,6 +31,26 @@ jobs:
      - deb7-mercurial
      - deb7-ninja
      - deb7-python
+  debian7-amd64-build:
+    symbol: I(deb7)
+    definition: debian7-build
+    packages:
+      - deb7-git
+      - deb7-mercurial
+      - deb7-python
+      - deb7-valgrind
+    args:
+      ARCH: amd64
+  debian7-i386-build:
+    symbol: I(deb7-32)
+    definition: debian7-build
+    packages:
+      - deb7-git
+      - deb7-mercurial
+      - deb7-python
+      - deb7-valgrind
+    args:
+      ARCH: i386
  lint:
    symbol: I(lnt)
  android-build:
--- a/taskcluster/docker/debian7-build/Dockerfile
+++ b/taskcluster/docker/debian7-build/Dockerfile
@ -0,0 +1,129 @@
+FROM debian:wheezy-20171210
+MAINTAINER Mike Hommey <mhommey@mozilla.com>
+
+### Add worker user and setup its workspace.
+RUN mkdir /builds && \
+    groupadd -g 500 worker && \
+    useradd -u 500 -g 500 -d /builds/worker -s /bin/bash -m worker && \
+    mkdir -p /builds/worker/workspace && \
+    chown -R worker:worker /builds
+
+# Declare default working folder
+WORKDIR /builds/worker
+
+VOLUME /builds/worker/checkouts
+VOLUME /builds/worker/workspace
+VOLUME /builds/worker/tooltool-cache
+
+# Set variable normally configured at login, by the shells parent process, these
+# are taken from GNU su manual
+ENV HOME=/builds/worker \
+    SHELL=/bin/bash \
+    USER=worker \
+    LOGNAME=worker \
+    HOSTNAME=taskcluster-worker \
+    DEBIAN_FRONTEND=noninteractive
+
+# Set a default command useful for debugging
+CMD ["/bin/bash", "--login"]
+
+# Set apt sources list to a snapshot.
+RUN for s in debian_wheezy debian_wheezy-updates debian_wheezy-backports debian-security_wheezy/updates; do \
+      echo "deb http://snapshot.debian.org/archive/${s%_*}/20171210T214726Z/ ${s#*_} main"; \
+    done > /etc/apt/sources.list
+
+RUN apt-get -o Acquire::Check-Valid-Until=false update -q && \
+    apt-get install -yyq --no-install-recommends \
+      apt-transport-https \
+      ca-certificates
+
+# %ARG DOCKER_IMAGE_PACKAGES
+RUN for task in $DOCKER_IMAGE_PACKAGES; do \
+      echo "deb [trusted=yes] https://queue.taskcluster.net/v1/task/$task/runs/0/artifacts/public/build/ debian/" >> /etc/apt/sources.list; \
+    done
+
+# %ARG ARCH
+RUN dpkg --add-architecture $ARCH
+
+# Ideally, we wouldn't need gcc-multilib and the extra linux-libc-dev,
+# but the latter is required to make the former installable, and the former
+# because of bug 1409276.
+RUN apt-get -o Acquire::Check-Valid-Until=false update -q && \
+    apt-get install -yyq --no-install-recommends \
+      autoconf2.13 \
+      automake \
+      bzip2 \
+      curl \
+      file \
+      gawk \
+      gcc-multilib \
+      git \
+      gnupg \
+      make \
+      mercurial \
+      p7zip-full \
+      procps \
+      python \
+      python-pip \
+      python-setuptools \
+      python-virtualenv \
+      rsync \
+      screen \
+      tar \
+      unzip \
+      uuid \
+      valgrind \
+      wget \
+      x11-utils \
+      xvfb \
+      xz-utils \
+      yasm/wheezy-backports \
+      zip \
+      linux-libc-dev/wheezy-backports \
+      linux-libc-dev:$ARCH/wheezy-backports \
+      pkg-config:$ARCH \
+      libdbus-glib-1-dev:$ARCH \
+      libfontconfig1-dev:$ARCH \
+      libfreetype6-dev:$ARCH \
+      libgconf2-dev:$ARCH \
+      libgtk-3-dev:$ARCH \
+      libgtk2.0-dev:$ARCH \
+      libpango1.0-dev:$ARCH \
+      libpulse-dev:$ARCH \
+      libx11-xcb-dev:$ARCH \
+      libxss-dev:$ARCH \
+      libxt-dev:$ARCH \
+    && \
+    apt-get clean
+
+# %include testing/mozharness/external_tools/robustcheckout.py
+COPY topsrcdir/testing/mozharness/external_tools/robustcheckout.py /usr/local/mercurial/robustcheckout.py
+
+# %include taskcluster/docker/recipes/hgrc
+COPY topsrcdir/taskcluster/docker/recipes/hgrc /etc/mercurial/hgrc.d/mozilla.rc
+
+# Add pip configuration, among other things.
+# %include taskcluster/docker/recipes/dot-config
+COPY topsrcdir/taskcluster/docker/recipes/dot-config /builds/worker/.config
+
+# Add wrapper scripts for xvfb allowing tasks to easily retry starting up xvfb
+# %include taskcluster/docker/recipes/xvfb.sh
+COPY topsrcdir/taskcluster/docker/recipes/xvfb.sh /builds/worker/scripts/xvfb.sh
+
+# %include taskcluster/docker/recipes/run-task
+COPY topsrcdir/taskcluster/docker/recipes/run-task /builds/worker/bin/run-task
+
+# Stubbed out credentials; mozharness looks for this file an issues a WARNING
+# if it's not found, which causes the build to fail.  Note that this needs to
+# be in the parent of the workspace directory and in the directory where
+# mozharness is run (not its --work-dir).  See Bug 1169652.
+# %include taskcluster/docker/desktop-build/oauth.txt
+COPY topsrcdir/taskcluster/docker/desktop-build/oauth.txt /builds/worker/
+
+# stubbed out buildprops, which keeps mozharness from choking
+# Note that this needs to be in the parent of the workspace directory and in
+# the directory where mozharness is run (not its --work-dir)
+# %include taskcluster/docker/desktop-build/buildprops.json
+COPY topsrcdir/taskcluster/docker/desktop-build/buildprops.json /builds/worker/
+
+RUN chown -R worker:worker /builds/worker/bin && chmod 755 /builds/worker/bin/*